Hello to the community.
We are currently trying to set up a new Confluence installation using an Oracle database.
During the installation, the installer is showing the following error:
Permission error
Your database user needs the 'CREATE TABLE' privilege.
Now, I've checked with our Database Administrator and he confirmed that the user actually has this privilege. This privilege is in the role Resource already defined.
Is there a way to bypass this check during the installation?
Thank you
Evangelos
@atlassian: fix this for Oracle please!
Update your code and use this SQL:
select privilege from sys.role_sys_privs where role in (select granted_role from SYS.USER_ROLE_PRIVS);
instead of checking the name of roles...
In big companies and on big Oracle clusters you can't ask the admin to give you just a special role because your vendor is not working exactly.
Also to the community leaders: You missed the point...
If you have the same problem, here is your workaround / hack, if you are sure that you have all the needed rights on your installation:
--------------------------------------------------------
-- DDL for Table USER_ROLE_PRIVS
--------------------------------------------------------
CREATE TABLE USER_ROLE_PRIVS
( USERNAME VARCHAR2(20),
GRANTED_ROLE VARCHAR2(20)
);
Insert into USER_ROLE_PRIVS (USERNAME,GRANTED_ROLE) values ('<name of the schema owner>','CONNECT');
Insert into USER_ROLE_PRIVS (USERNAME,GRANTED_ROLE) values ('<name of the schema owner>','RESOURCE');
--------------------------------------------------------
-- DDL for Table USER_SYS_PRIVS
--------------------------------------------------------
CREATE TABLE USER_SYS_PRIVS
( USERNAME VARCHAR2(20),
PRIVILEGE VARCHAR2(20)
);
Insert into USER_SYS_PRIVS (USERNAME,PRIVILEGE) values ('<name of the schema owner>','CREATE TABLE');
Insert into USER_SYS_PRIVS (USERNAME,PRIVILEGE) values ('<name of the schema owner>','CREATE SEQUENCE');
Insert into USER_SYS_PRIVS (USERNAME,PRIVILEGE) values ('<name of the schema owner>','CREATE TRIGGER');
This will create the "needed" tables for the installation checkup on your own schema.
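Added example (not part of any post in this thread, and not Atlassian's installer code): Oracle SQL that, run as the schema owner, reports for each privilege named in the error whether it is granted directly, reachable through a role, or effective in the session, and then lists local objects that shadow SYS dictionary views the way the workaround tables above do. The dictionary views are schema-qualified so shadow tables cannot influence the result; LISTAGG assumes Oracle 11gR2 or later.

```sql
-- Added example. Run as the Confluence schema owner (for example in sqlplus).

-- 1) Source of each privilege the installer asks for.
--    direct_grant:         granted to the user itself (SYS.USER_SYS_PRIVS)
--    effective_in_session: usable right now, whatever the source (SYS.SESSION_PRIVS)
--    via_roles:            roles visible to this user that carry the privilege
SELECT w.privilege,
       CASE WHEN EXISTS (SELECT 1
                           FROM sys.user_sys_privs d
                          WHERE d.privilege = w.privilege
                            AND d.username  = USER)
            THEN 'YES' ELSE 'NO' END AS direct_grant,
       CASE WHEN EXISTS (SELECT 1
                           FROM sys.session_privs s
                          WHERE s.privilege = w.privilege)
            THEN 'YES' ELSE 'NO' END AS effective_in_session,
       (SELECT LISTAGG(r.role, ', ') WITHIN GROUP (ORDER BY r.role)
          FROM sys.role_sys_privs r
         WHERE r.privilege = w.privilege) AS via_roles
  FROM (SELECT 'CREATE TABLE'    AS privilege FROM dual UNION ALL
        SELECT 'CREATE SEQUENCE' AS privilege FROM dual UNION ALL
        SELECT 'CREATE TRIGGER'  AS privilege FROM dual) w
 ORDER BY w.privilege;

-- 2) Objects in this schema whose names collide with a PUBLIC synonym
--    pointing into SYS. An unqualified reference such as USER_SYS_PRIVS
--    resolves to the local object first, so any row returned here means
--    unqualified dictionary queries in this schema read local data.
SELECT o.object_name,
       o.object_type,
       o.created
  FROM sys.user_objects o
  JOIN sys.all_synonyms s
    ON s.owner        = 'PUBLIC'
   AND s.synonym_name = o.object_name
   AND s.table_owner  = 'SYS'
 ORDER BY o.created;
```

A privilege that shows direct_grant = NO but effective_in_session = YES is held only through a role, which is the situation described in this thread. Rows from the second query after installation are leftover workaround tables and should be reviewed with the DBA.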
There's nothing to fix on the Atlassian side, your database needs to be set up correctly.
DB is set up correctly - if you want to check that a user has specific rights, you should check the rights.
If you have a role assigned with that name, but not the expected rights behind, the installation fails.
Found a solution.
Looks like Confluence is using another way to check if the user has some privileges.
In Jira, the installer was smart enough to check for the different roles that the user has.
During Confluence installation, our DB admin granted temporarily all the necessary privileges for the confluence user. When the installation was finished, we changed the privileges back again to the same ones that the Jira user also uses.
Confluence runs without any issues.
I guess that the developers should have a look in the methods that check what the user can/cannot do during the installation process.
But with the Jira software and another user (with exactly the same rights and privileges) the installer worked and the tables were created.
Then there's a difference in privileges between the two users.
Hi all,
as I said, the user can create tables. This doesn't seem to be the problem.
The problem is how Confluence checks if the user is granted to Create Tables.
That's why I need to somehow change the way Confluence decides if the user has these rights or not.
The "resource" and "connect" are already granted to the user, the rest of the privileges are inside another role which the Confluence_user is also a member of.
The check is blunt - it tries to create a table.
Forget about roles, they're not working for you here. Give the user the right permissions directly.
In fact, I'd strongly recommend that you remove the user from all roles - it should be a single user, with full access, and used exclusively by the atlassian application so that it has no need to be in any other roles.
There's two possibilities here
No, bypassing this check would make no sense, because Confluence has to create or alter tables during installation.
Are you really sure that your database user has the create table permission for the schema?
Hi Thomas,
I can create a table with this user using either software (like DBArtisan) or the command line (sqlplus).
We are using an extra Role and the needed privileges are inside this role.
My guess is that Confluence checks if the user has direct Create_Table privilege but doesn't check if the needed privileges are somewhere else in another role.
You need to grant the user the right to create tables. Other roles are irrelevant, as they are not used.
This is necessary according to https://confluence.atlassian.com/doc/database-setup-for-oracle-173821.html :
grant connect to <user>;
grant resource to <user>;
grant create table to <user>;
grant create sequence to <user>;
grant create trigger to <user>;